Logs can tell you what happened. AxonFlow records why a model or tool action was allowed, blocked, paused, or resumed. It is the self-hosted runtime control layer that platform teams deploy when request-level gateways and post-hoc audit trails stop being enough.
Start locally if you are exploring. Request Evaluation when you need realistic limits and approval workflows. Use Design Partner when you want direct architecture help and enterprise rollout support.
Use Community when you are validating fit, integration path, and basic governance controls on your own.
Read getting started βRequest a free 90-day Evaluation license when you need higher limits, approval gates, and a more realistic production-readiness test.
Start Safe Evaluation βApply to Design Partner when you already have a real workflow and want founder-led help getting to production.
Apply for Design Partner β2-minute product demo β See how AxonFlow enforces runtime policies and controls agent execution in practice. βΆ Watch video
Architecture deep dive (12 min) β How the control plane works, policy enforcement flow, and multi-agent planning. βΆ Watch video
Platform teams in regulated environments face the same set of hard problems when deploying AI systems internally.
Security and compliance teams need to know not just that an AI action happened, but why it was allowed and which policy or approval path applied
PII leaks to external providers, risky calls bypass the intended path, and no one can say whether a retry is safe without reconstructing the run by hand
Individual teams adopt AI independently, creating fragmented tooling with no centralized governance or visibility
EU AI Act, HIPAA, GDPR, RBI, and SEBI increasingly mandate audit trails, human oversight, and data residency for AI systems
Not another gateway or observability add-on. AxonFlow sits in the execution path, enforces policy, and records decision context while workflows are running.
Step gates for existing orchestrators with per-step policy checks, approvals, and execution identity
Secure connectors to internal systems via Model Context Protocol
RBAC, ABAC, and runtime policy checks with deny-by-default execution controls
Decision context, audit trails, and exportable evidence for engineering, security, and compliance reviews
Production-validated performance with sub-10ms policy enforcement. Not a bolt-on toolβa native governance layer.
Sub-10ms P95 policy evaluation that doesn't slow down your AI. In-memory policy engine with deny-by-default security and 5 built-in media safety policies.
Policy checkpoints for external orchestrators. Each workflow step and tool call is governed independently before execution proceeds.
Agents access internal systems through Model Context Protocol connectors. Every query is scanned for PII, exfiltration, and policy violations before execution.
Immutable audit log for every LLM call, tool invocation, and policy decision. Prometheus/Grafana dashboards included. Compliance-ready for EU AI Act, HIPAA, GDPR, RBI, and SEBI.
Vendor-neutral routing across OpenAI, Anthropic, AWS Bedrock, Google, and local models. Automatic failover when providers go down.
Add governance to existing AI applications without rewriting code. Works with your current orchestrator, LLM provider, and deployment.
Full-featured web portal for AI governance operations. Monitor executions, manage approvals, configure policies, and track costs without writing code.
Pre-built frameworks for healthcare, financial services, and EU regulations. Deploy AI with confidence.
Clone the repo, run locally, inspect the source. Full platform under the BSL 1.1 license. No vendor lock-in.
Full source code available under BSL 1.1. Inspect, modify, and deploy on your own infrastructure.
Policy engine, PII detection, SQL injection scanning, Gateway and Proxy modes included.
Official SDKs for Python, TypeScript, Go, and Java. OpenClaw plugin for AI agent governance. Integrate in minutes.
Start with Community Edition. Get a free Evaluation license for higher limits and org-wide policies, or upgrade to Enterprise for advanced compliance and connectors.
| Feature | Community | Evaluation (Free) | Enterprise |
|---|---|---|---|
| Resource Limits | |||
| Tenant Policies | 20 | 50 | Unlimited |
| Organization-Wide Policies | 0 | 5 | Unlimited |
| Connectors with Custom Policies | 2 | 5 | Unlimited |
| Audit Log Retention | 3 days | 14 days | 10 years |
| LLM Providers | 2 | 3 | Unlimited |
| Execution History | 50 | 500 | Unlimited |
| Concurrent Executions | 5 | 25 | Unlimited |
| MAP Plans | 25 | 100 | Unlimited |
| Versions per Plan | 10 | 25 | Unlimited |
| SSE Connections | 5 | 25 | Unlimited |
| Cost Estimates / Day | 10 | 100 | Unlimited |
| Pending Execution Approvals | 5 | 25 | Unlimited |
| Media Analyzers | 2 | 2 | Unlimited |
|
Concurrent Executions β MAP and WCP executions running at the same time per tenant
Pending Execution Approvals β executions waiting for human approval in MAP confirm/step mode or WCP queues
MAP Plans β multi-agent plans that break complex tasks into coordinated steps
Versions per Plan β how many revisions of a single MAP plan are retained
SSE Connections β server-sent event connections for streaming execution progress in real time
Cost Estimates / Day β number of LLM cost estimation requests allowed per day
Execution History β completed execution records kept for review and audit
Media Analyzers β concurrent image analysis modules (OCR, content safety, face detection) per request
| |||
| Core Platform | |||
| Policy Engine (<10ms P95) | β | β | β |
| PII Detection (12+ types incl. Aadhaar, PAN, UPI) | β | β | β |
| SQL Injection Scanning (Advanced - 37+ patterns) | β | β | β |
| Multi-Agent Planning (MAP) | β | β | β |
| Prometheus/Grafana Metrics (80+) | β | β | β |
| Multimodal Image Governance (NSFW, PII, faces, OCR) | β | β | β |
| System Media Policies (NSFW, violence, biometric, PII, sensitive docs) | 5 rules (opt-in) | 5 rules | 5 rules + custom |
| Cloud Vision Analyzers (AWS Rekognition, Google, Azure) | β | β | β |
| LLM Providers | |||
| OpenAI, Anthropic, Ollama | β | β | β |
| AWS Bedrock | β | β | β |
| MCP Connectors | |||
| Database (PostgreSQL, MySQL, MongoDB) | β | β | β |
| Enterprise (Salesforce, Slack, Snowflake, Jira, ServiceNow) | β | β | β |
| Compliance Frameworks | |||
| GDPR & PCI-DSS | β | β | β |
| EU AI Act, RBI FREE-AI, SEBI, HIPAA (policy templates) | β | β | β |
| Enterprise Features | |||
| Customer Portal (Execution Timeline, Approval Dashboard, Analytics) | β | β | β |
| Human-in-the-Loop, Kill Switch, SSO/SAML | β | β | β |
| Per-Tenant Media Governance | β | β | β |
| HITL Approval Gates | β | β 100 pending, 24h expiry |
β |
| Policy Simulation | β | β 300/day |
β Unlimited |
| Evidence Export | β | β 14-day, 3/day |
β Unlimited |
| 24/7 Support + SLA | β | β | β |
Start with our managed SaaS or deploy in your VPC/on-premises for complete data sovereignty.
Feedback from senior engineers evaluating AxonFlow for production AI governance.
AxonFlow is built for the teams responsible for running AI systems safely in production, not for building demos.
Sub-10ms P95 policy enforcement. The governance layer sits in the hot path and cannot add latency. AxonFlow is built for that constraint.
Runs entirely in your infrastructure. Prompts, policies, audit logs, and LLM traffic stay in your environment. Anonymous telemetry can be disabled, and air-gapped deployment is supported.
Founded by engineers who built internal platforms at Booking.com (1,500+ engineers, millions of daily users). AxonFlow reflects that operational experience.
Start in observe-only mode. Add policy enforcement progressively. Gateway mode wraps existing LLM calls with zero code changes. No rip-and-replace required.
AxonFlow is source-available and self-hosted. Clone it, run it locally, and evaluate it against your requirements.
Questions? Reach out directly:
[email protected]